Add a privileged scope that allows authorization to be skipped
This commit is contained in:
Tom Hughes
parent
f4d1d97848
commit
64604a852f
3 changed files with 6 additions and 5 deletions
|
|
@ -419,10 +419,10 @@ Doorkeeper.configure do
|
|||
# Under some circumstances you might want to have applications auto-approved,
|
||||
# so that the user skips the authorization step.
|
||||
# For example if dealing with a trusted application.
|
||||
#
|
||||
# skip_authorization do |resource_owner, client|
|
||||
# client.superapp? or resource_owner.admin?
|
||||
# end
|
||||
|
||||
skip_authorization do |_, client|
|
||||
client.scopes.include?("skip_authorization")
|
||||
end
|
||||
|
||||
# Configure custom constraints for the Token Introspection request.
|
||||
# By default this configuration option allows to introspect a token by another
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue